Here’s a Handy Roadmap for Anyone Scared of WordPress



Let’s not fool ourselves here … WordPress is a complicated thing.

And no matter what most tutorials on the web try to say, getting a good grasp on it does take some time indeed.

Besides, if it hadn’t been complicated, I wouldn’t have been asked to write a whole book on how to work with it.

So what I want to show you today is a slightly different approach to WordPress.

Instead of being all technical, I will focus just on the part that an actual online business owner would care about.

My guess is that you don’t care that much about code, or streamlined processes, or CSS, or HTML5, or any of that stuff.

What you do care about, however, is how you can use WordPress to make running your website as easy and straightforward as possible, so you can focus on what’s really important – your actual business goals.

So this resource is a type of roadmap. You can go from station to station and take care of all the steps one by one. Also, if you have something already figured out then you can skip a given station and move on to the next one.

Things you must do

Every new WordPress site starts just about the same. Although there are tons of things you can do when setting everything up, from my point of view, there are actually only two essential elements:

  • Mastering the 5 minute install. You don’t have to hire a developer just to get your site up and running. Doing this yourself takes 5 minutes.
  • Setting proper user roles. This is something that 90 percent of people overlook when it comes to new WordPress sites. Something worth keeping in mind is that setting the correct user roles is the first thing you should do to secure your site and make your data safe.

When we’re talking WordPress, design = themes.

Nowadays, it’s really ineffective to hire a designer and tell them to build you a site from the ground up. This will be awfully expensive and you get no guarantee that the results will be any good.

A much better solution is to just get a theme. However, two rules:

Two major theme stores that I can recommend are ThemeFuse (worked with them on a number of projects) and StudioPress (this site runs on a StudioPress’ theme).

Okay, but how do I choose the perfect theme and then have it installed?

Glad you’re asking!

I wrote two guest posts on ProBlogger on this very topic:


Extra features

Again, when we’re talking WordPress, extra features = plugins.

Currently, there are more than 30,000 different plugins available in the official directory at What this means in plain English is:

There’s surely a plugin for that.

– is how you should be thinking of extra features for your site.

Now, as much as people like to publish those “top 10 essential plugins you must get” lists, the fact is that very few of them are truly essential. And the list changes every year.

For me, there are only seven plugins that I use on every site I run, and this is something I mentioned in my book too (shoot me a message if you’d like a free chapter, by the way).

They are:


SEO, as in Search Engine Optimization, as in “how to lose a lot of money with no results to show for.”

Okay, just joking, but the fact is that I’m not the top expert on SEO out there. That’s why I wrote this: How to learn SEO online if you’re a beginner.


Running a business

This point right here is why we’re actually using WordPress on our sites – to run a business.

Quite frankly, this whole website is about this very topic, so I won’t even attempt to give you any in-the-nutshell solution. There isn’t one.

Instead, start here and dominate!


Over to you

I’m curious; do you have WordPress figured out when it comes to running your business website? Or is there anything you’re absolutely clueless about and would like to learn? Hit me up.

More cool resources just like this in your inbox.
Let’s grow our businesses together!

Head photo by freevintageposters, fireworks by bayasaa / CC BY 2.0

Here’s a Handy Roadmap for Anyone Scared of WordPress |

How Long Does It Take to Recover Your Site From Being Hacked, Google-Wise [Case Study]

Recover Your Site From Being Hacked

Recover Your Site From Being Hacked

UPDATE. This whole thing happened at the turn of 2013 and 2014. However, I’m still experiencing some SEO consequences of this and that’s why I consider this study a valuable read for any online business owner. At the bottom, there are takeaway lessons on how you can avoid something similar happening to your site.

A couple of months ago, my domain got hacked. Kind of. I mean, the domain itself didn’t get hacked directly, but the problem was the server it was hosted on.

Back then, I was a HostGator customer, a mistake I will never make again.

Just to give you a quick heads-up on that situation, HostGator doesn’t care that much about their customers’ safety. So in my case, they allowed for a spam forum to get installed on my domain without my knowledge.

You could see it by navigating to (no longer there, so don’t bother checking the URL). The forum featured a ton of spam phrases and links. As we all know, those things are not good for SEO…not good at all.

So how did I discover the problem? Well, I’m not an IT security ninja or anything. I was simply informed by vBulletin update service that “my forum needs to be updated.” Can you imagine?

I quickly found that the forum is quite big, and what’s even worse …

525 pages of it were indexed by Google

This is visible on the screenshot I took on the day of the discovery:


Oct 15th 2013

This was Oct 15th 2013.

Today’s Jan 17th 2014 and 2 of the pages are still indexed

… despite being nonexistent for months:


Jan 17th 2014

This means that Google still didn’t manage to fix things on their end.

(By the way, for future reference; if you want to check out what’s the status of the spam pages on Google this very moment, click here.)

I’m saying this not to complain about my own personal situation but to provide some educational value. What I mean precisely is that Google is obviously not as good at indexing stuff as we’d like it to be.

And what that means for you is that you will likely be forced to wait a similar amount of time, should you get hit by a similar problem.

What did I do about the index?

Apparently, I didn’t just sit patiently and wait for Google to do its magic on their own, so I took some steps to help them out.

First of all, here are the things I didn’t do.

I didn’t go to the index exclusion tool available in Google Webmaster Tools. The reason why is simple, in my book, using this tool would just like admitting that I’m guilty of placing the forum there, which I wasn’t.

Now, I’m not entirely sure whether such reasoning makes sense or not, but that’s what I did nevertheless.

Here are the three main things I did:

1. Changed my webhost

HostGator failed to even acknowledge the problem so I moved over to IX Web Hosting. One of the nice surprises right off the bat was that they gave me a dedicated IP for no extra charge (it has its values for SEO, I’d advise always going for a dedicated IP if you have the chance).

Changing my webhost ultimately killed the forum since the problem was on the previous server. This also confirmed that it was exactly the case, by the way.

2. Researched .htaccess files

The .htaccess file is a small text file that sits in your server’s root (main) directory and deals cards as for who gets to see what on your site, more or less.

In other words, you can prevent anyone from accessing a given area of your site by creating a new rule in the .htaccess file.

What I did was block all access to

3. Tuned my robots.txt file

Robots.txt is another text file sitting in your server’s root directory. This one is responsible for regulating what gets accessed by search engine robots (hence the name, robots.txt).

This was another place where I blocked access to the forum.

Could I do anything more?

Maybe, I don’t know. I should have probably reached out to some security specialist. Too bad I didn’t.

Nonetheless, I thought that the above was just enough for Google to get a grasp and deindex those old and non-existent forum pages.

It wasn’t.

As I already mentioned here, I still have 2 pages indexed in Google.

The takeaway and lessons for the future

A handful of them:

  1. Always keep a close eye on what’s going on on your domain/site. Do it through rank tracking tools like Market Samurai, Moz, or even Google Webmaster Tools.
  2. Use additional security plugins like BulletProof Security.
  3. Perform frequent site backups. You can use Online Backup for WordPress for that.
  4. In case anything bad happens, make fast decisions. Like my decision to flee from HostGator.
  5. (Something I didn’t do.) Ask around on expert forums online. In hindsight, this could have saved me a lot of hassle and wandering in the dark.

How Long Does It Take to Recover Your Site From Being Hacked, Google-Wise [Case Study] |